Examples of using Shellcode in Chinese and their translations into English
{-}
-
Political
-
Ecclesiastic
-
Programming
那我们开始动手制作自己的shellcode。
Shellcode名称告诉我们一些东西,比如它的用途:.
The shellcode name tells us a few things, such like it uses:.在这篇文章中,我们会创建自己的shellcode。
On this page we will create our own ATLAS.在这里,我们可以清楚地看到shellcode会打开一个calc.
Here it is, we can clearly see the shellcode will just opens a calc.为克服防火墙的限制,它们使用本地TCP服务器来植入shellcode。
To overcome the firewall restrictions, they planted shellcodes with local TCP servers.ExitProcess将终止运行shellcode的进程.
ExitProcess will terminate 以下是与PEloaderx64版本相关的shellcode。
我们还将学习shellcode并编写我们自己的基本缓冲区溢出漏洞。
We will also be learning about shellcode and writing our own basic buffer overflow exploits.在这里,我们可以清楚地看到shellcode只会打开一个calc.
Here it is, we can clearly see the shellcode will just opens a calc.最后,两个PowerPCshellcode(目标架构)用于攻击控制器。
Finally, two PowerPC shellcodes(the target architecture) are used to compromise the controllers.Shellcode对另一个DLL进行解码和解压缩,它是UPPERCUT的更新变体。
The shellcode decodes and decompresses another DLL, which is an updated variant of UPPERCUT.您将获得一个新窗口将shellcode解码为字节(您甚至可以将其保存到文件中):.
You will get a new window will the shellcode decoded into bytes(you can even save it to file):.该网页中的代码触发UAF,并执行下载恶意负载的shellcode。
The code in this web page triggers the UAF and a shellcode that downloads a malicious payload is executed.可以看到,Shellcode正在加载操作套接字所需的库(ws2_32.dll),并尝试回连C&C。
Shellcode is loading the library needed to manipulate sockets(ws2_32. dll), and tries to connect back to C&C.代码执行并没有使用传统的ROP或者GodMod,而是通过脚本布局Shellcode来稳定利用。
Code execution does not use the traditional ROP or GodMod,but through the script layout Shellcode to stabilize the use.在这里,Shellcode在加载操作套接字所需的库(ws2_32.dll),并尝试连回C&C服务器。
Shellcode is loading the library needed to manipulate sockets(ws2_32. dll), and tries to connect back to C&C.在这个演示示例中,我刚刚使用了启动计算器的shellcode,导致在Excel.exe下生成一个子进程。
For this example, I just used calc spawning shellcode, which resulted in a child process being spawned under Excel. exe.呃,自我解释吧?Shellcode正在加载操作套接字所需的库(ws2_32.dll),并尝试连接回C&C。
Shellcode is loading the library needed to manipulate sockets(ws2_32. dll), and tries to connect back to C&C.接着HTML/JS启动器页面提供触发零日漏洞(CVE-2015-3043)并执行shellcode。
The HTML/JS launcher page serves a Flash exploit which triggers a Zero-Day vulnerability(CVE-2015-3043)and executes a shellcode.恶意软件允许攻击者轻松与安全控制器通信并远程操作系统内存注入shellcode;
The malware allowed the attackers to easily communicate with safety controllers andremotely manipulate system memory to inject shellcodes;然后将shellcode写入相应的内存,之后线程被启动,并指向shellcode的顶部。
The shellcode is then written into that allocation and then a thread is kicked off, pointing to the top of the shellcode.可执行侧载恶意DLL(libcurl.dll),它解密并运行位于同一文件夹中的shellcode(3F2E3AB9)。
The executable sideloads the malicious DLL(libcurl. dll),which decrypts and runs shellcode(3F2E3AB9) located in the same folder.如果利用成功,它将在内存中获得任意读/写操作,从而允许它执行第二阶段的shellcode。
If the exploit is successful, it will gain arbitrary read/ write operations within memory,thus allowing it to execute a second stage shellcode.EDR还是阻止了ShellCode注入csrss,同时也阻止了通过RtlCreateUserThread创建线程。
Shellcode是一个典型的Metasploitshellcode,使用shikata_ga_nai编码器[7]进行七次迭代保护。
The shellcode is a typical Metasploit shellcode, protected using the shikata_ga_nai encoder[7] with seven iterations.如何创建不同类型的shellcode来开发自己的概念验证漏洞攻击程序和必要的软件,以测试和识别漏洞.
How to create different types of shellcode to develop your own proof-ofconcept exploits and necessary software to test and identify vulnerabilities.之后,shellcode下载一个Meterpreter,这是一个典型的Metasploit有效载荷[6],允许攻击者控制被入侵的机器。
Then, the shellcode downloads a Meterpreter, which is a typical Metasploit payload[6], allowing the attacker to control the compromised machine.NET程序集,然后我们可以通过将VBScript/JScript代码传递给AddCode()方法,通过ScriptControl对象实现shellcode的执行。
NET assembly in VBScript/JScript, we can achieve shellcode execution via the ScriptControl object by passing the VBScript/JScript code to the AddCode() method.ShellcodeCompiler是一款能将C/C++代码编译成体积小,位置无关和无NULL字节的Windowsshellcode的工具。
Shellcode Compiler is a program that compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows.
